← volver
CVE-2008-1240

CVE-2008-1240

EPSS 3.2%
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. NOTE: this is closely related to CVE-2008-1195.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.htmlhttp://secunia.com/advisories/29526http://secunia.com/advisories/29539http://secunia.com/advisories/29541http://secunia.com/advisories/29547http://secunia.com/advisories/29558http://secunia.com/advisories/29560http://secunia.com/advisories/29616http://secunia.com/advisories/29645http://secunia.com/advisories/30327http://secunia.com/advisories/30620https://exchange.xforce.ibmcloud.com/vulnerabilities/41458